/*
 *  OpenVPN -- An application to securely tunnel IP networks
 *             over a single TCP/UDP port, with support for SSL/TLS-based
 *             session authentication and key exchange,
 *             packet encryption, packet authentication, and
 *             packet compression.
 *
 *  Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2
 *  as published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

/*
 * Public declarations for tunnelling through an HTTP proxy with the
 * CONNECT method: the configuration options, the per-proxy state object
 * and the functions that create, use and destroy that state.
 *
 * Types such as bool, uint8_t, socket_descriptor_t, struct gc_arena,
 * struct buffer, struct event_timeout and struct user_pass are not
 * declared here; they must already be visible through the includes below
 * or through whatever the including file pulled in earlier.
 */

#ifndef PROXY_H
#define PROXY_H

#include "buffer.h"
#include "misc.h"

/*
 * HTTP CONNECT authentication methods.
 *
 * These are the values stored in http_proxy_info.auth_method.
 * NOTE(review): HTTP_AUTH_BASIC is presumably the "cleartext" protocol
 * that PAR_NCT (below) is meant to disable -- confirm in the
 * implementation before relying on PAR_NCT as a hardening switch.
 */
#define HTTP_AUTH_NONE   0
#define HTTP_AUTH_BASIC  1
#define HTTP_AUTH_DIGEST 2
#define HTTP_AUTH_NTLM   3
#define HTTP_AUTH_NTLM2  4
#define HTTP_AUTH_N      5 /* number of HTTP_AUTH methods */

/*
 * One user-supplied HTTP header as a name/content pair.
 *
 * NOTE(review): nothing in this header shows whether name or content are
 * checked for embedded CR/LF before they are written into the request;
 * verify that in the code that emits them.
 */
struct http_custom_header {
    const char *name;
    const char *content;
};

/* Capacity of http_proxy_options.custom_headers. */
#define MAX_CUSTOM_HTTP_HEADER 10

/*
 * Configuration for one HTTP proxy.
 *
 * All string members are const pointers; this header does not show who
 * owns the pointed-to storage or how long it must stay valid.
 */
struct http_proxy_options {
    const char *server;             /* proxy host, kept as a string */
    const char *port;               /* proxy port, kept as a string */

    /* Values for auth_retry: the proxy-auth retry policy. */
#define PAR_NO  0  /* don't support any auth retries */
#define PAR_ALL 1  /* allow all proxy auth protocols */
#define PAR_NCT 2  /* disable cleartext proxy auth protocols */
    int auth_retry;                 /* one of PAR_NO, PAR_ALL, PAR_NCT */

    const char *auth_method_string; /* presumably the textual auth method from the config -- confirm */
    const char *auth_file;          /* presumably a path to a credentials file; if so, its permissions matter -- confirm */
    const char *http_version;
    const char *user_agent;
    struct http_custom_header custom_headers[MAX_CUSTOM_HTTP_HEADER];
    bool inline_creds;              /* presumably set when credentials are given inline rather than by file -- confirm */
};

/*
 * Reduced form of http_proxy_options carrying only the server, the port
 * and the auth retry policy.
 */
struct http_proxy_options_simple {
    const char *server;
    const char *port;
    int auth_retry;                 /* same PAR_* values as http_proxy_options.auth_retry, presumably -- confirm */
};

/*
 * Runtime state for one HTTP proxy.
 *
 * Objects of this type are returned by http_proxy_new() and handed back
 * to http_proxy_close().
 */
struct http_proxy_info {
    bool defined;                      /* meaning not visible in this header -- TODO confirm */
    int auth_method;                   /* presumably one of the HTTP_AUTH_* values above */
    struct http_proxy_options options; /* embedded by value, not a pointer to the caller's copy */
    struct user_pass up;               /* declared elsewhere; presumably the proxy username/password, so
                                        * treat it as secret material.  NOTE(review): confirm that
                                        * http_proxy_close() wipes it before the object is released. */
    char *proxy_authenticate;          /* non-const pointer; presumably owned by this object -- confirm who frees it */
    bool queried_creds;                /* presumably records that credentials were already requested -- confirm */
};

/*
 * Takes the address of an options pointer plus a gc_arena and returns an
 * options pointer.  NOTE(review): the name suggests *hpo is allocated
 * from gc on first use and reused afterwards -- confirm in the
 * implementation.
 */
struct http_proxy_options *init_http_proxy_options_once(struct http_proxy_options **hpo,
                                                        struct gc_arena *gc);

/* Creates a proxy state object from the given (read-only) options. */
struct http_proxy_info *http_proxy_new(const struct http_proxy_options *o);

/* Releases a proxy state object obtained from http_proxy_new(). */
void http_proxy_close(struct http_proxy_info *hp);

/*
 * Sets up a passthrough to host:port over a socket that is already
 * connected to the proxy.
 *
 * The meaning of the bool result is not visible in this header; check the
 * implementation before branching on it.  lookahead and signal_received
 * are written through by pointer (neither is const); signal_received is
 * volatile-qualified.
 */
bool establish_http_proxy_passthru(struct http_proxy_info *p,
                                   socket_descriptor_t sd,  /* already open to proxy */
                                   const char *host,        /* openvpn server remote */
                                   const char *port,        /* openvpn server port */
                                   struct event_timeout *server_poll_timeout,
                                   struct buffer *lookahead,
                                   volatile int *signal_received);

/*
 * Base64 helper taking an explicit input length.
 *
 * str_len is a signed int; callers should make sure it is non-negative
 * and matches the real size of str.  The result is presumably allocated
 * from gc -- confirm.  Base64 is an encoding only: the output protects
 * nothing and must be handled like the input it was made from.
 */
uint8_t *make_base64_string2(const uint8_t *str, int str_len, struct gc_arena *gc);

/*
 * Base64 helper without a length argument.
 *
 * NOTE(review): with no length parameter this presumably treats str as a
 * NUL-terminated string, which would make it unsuitable for binary input
 * that may contain zero bytes -- confirm.
 */
uint8_t *make_base64_string(const uint8_t *str, struct gc_arena *gc);

#endif /* PROXY_H */